The DefMal project focuses on combating malware, a subject that affects the entire digital environment, including the Internet of Things (IoT), embedded systems (drones), autonomous vehicles (cars), industrial systems (ICS/SCADA), and of course all IT infrastructure (cloud, smartphones, firmware).
Challenges: The issues raised must lead to the development of new methods for malware analysis and defense, understanding the economic, legal, criminal, and sociological aspects underlying this ecosystem in an interdisciplinary approach, and developing an exchange platform for research.
Keywords: #malware, #botnet, #ransomware, #loader, #compromise, #vulnerabilities, #backdoors, #detection, #reverse engineering, #forensic analysis.
Technology advancements enhance everyday life, but they also provide numerous opportunities for the proliferation of advanced cybercrimes, which, via innovative tactics and techniques, pose serious security and financial risks to the EU and beyond. ENSEMBLE aims to provide a well-rounded response to the fight against (cross-border) cybercriminal activities, at the nexus of advanced AI-based technological solutions, (multi-stakeholder) investigation processes, training, and awareness in order to detect and prevent cybercrime-related activities, with particular focus on ransomware, cyber fraud, data theft and extortion as well as unauthorised access and cryptojacking. This will be achieved via a three-pillar approach. ENSEMBLE will develop a modular AI-based, forensically sound investigation toolbox based on user-centric criteria, to assist Police Authorities in detecting, extracting, processing, and analysing online information relevant to cybercrime activities, thus fighting sophisticated cyber-threats, capitalising also on joint multi-stakeholder operations both at national and cross-border level and on secure data and information sharing mechanisms. Police Authorities, prosecutors, and judicial actors involved in such investigations will be offered innovative training curricula and methods as well as synchronous and/or asynchronous learning methodologies that will be aligned to their needs and improve their current capacity, taking into consideration the technological, procedural, operational, legal/multi-jurisdictional dimensions. Finally, public awareness and engagement with relevant actors for early identification and prevention of cybercrimes will be cultivated through targeted awareness raising campaigns and specific policy recommendations. Having brought together a multidisciplinary team of five LEAs, seven research/academic institutions and six industry partners (including five SMEs) with a wide range of expertise in the field, ENSEMBLE provides a compelling
Partners in France: Ministère de l’intérieur, CEA, Université de Lorraine
Project Coordinator: CERTH (Greece) – Funded by Horizon Europe